CVE-2013-4564

2014-01-07 18:04:51 2014-02-25 19:02:23

Libreswan 3.6 allows remote attackers to cause a denial of service (crash) via a small length value and (1) no version or (2) an invalid major number in an IKE packet.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL

Libreswan Libreswan 3.6 (not an official CPE)

Libreswan - Libreswan

Advisory	Patch	Confirmed	Link
			FEDORA-2013-23315
			FEDORA-2013-23250
			56276
			https://libreswan.org/security/CVE-2013-4564/CVE-2013-45...
			[Swan-announce] 20131211 Libreswan 3.7 released
			FEDORA-2013-23299

CVE-2013-4564

2014-01-07 18:04:51 2014-02-25 19:02:23

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)